geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ashish Jain (JIRA)" <j...@apache.org>
Subject [jira] Created: (GERONIMO-5401) Geronimo encrypts empty passwords
Date Thu, 24 Jun 2010 09:24:49 GMT
Geronimo encrypts empty passwords
---------------------------------

                 Key: GERONIMO-5401
                 URL: https://issues.apache.org/jira/browse/GERONIMO-5401
             Project: Geronimo
          Issue Type: Bug
      Security Level: public (Regular issues)
          Components: databases
    Affects Versions: 2.1.5
         Environment: Geronimo tomcat assembly.
            Reporter: Ashish Jain
            Assignee: Ashish Jain
             Fix For: 2.1.7


This can be observed as follows
1) Create a test db pool with empty passwords. I had used derby embedded xa.
2) Deploy it.
3) Check the config.ser. You can see a password string encrypted with {Simple} or {Configured}.

The same behavior can be seen for SystemDatasource.

This behavior is misleading.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message